Logo

GDPR & Dentascribe

Last updated: 17/03/2025

This page does not serve as legal advice. Please determine together with your legal advisor how GDPR applies to your business.

What is UK GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) privacy law that allows EU citizens and residents to have access and control over their personal data.

In 2018, the UK Government took on the EU (Withdrawal) Act to prepare the country to leave the European Union. This Act incorporates several EU laws into UK domestic law. As part of the UK leaving the EU, the GDPR was incorporated into UK domestic law. The European Court of Justice enforced it in the UK until 31 December 2020.

At the beginning of 2021, the UK legal system expelled the European Union GDPR and replaced it with the UKโ€™s GDPR. The UK and EU versions of GDPR are pretty much identical, with the UK government replaced references to things like the European parliament with UK institutions.

What is Data Protection Act 2018?

Think of the UK GDPR as the overarching framework for data protection in the UK. The Data Protection Act 2018 is the specific UK law that brings the GDPR into effect and adds extra rules and details relevant to the UK context, particularly for areas like law enforcement and national security.

Is Dentascribe GDPR and DPA Compliant?

Yes. Dentascribe is based in United Kingdom and complies with the Data Protection Act and GDPR frameworks.

These are the measures we took:

Do you have a Data Processing Agreement?

When you sign up to Dentascribe, you agree to the content of our Data Processing Agreement and accept to be bound by it. It is not necessary to sign this document.

If you would like to sign a DPA on behalf of your dental practice or organisation, we provide a Data Processing Agreement. Contact us at contact@dentascrribe.uk if you would like to sign the DPA.

What happens with patient data?

Dentascribe is the provider of an AI notes and documentation service, and not the owner of the patient data entered into Dentascribe. The user is responsible for the data he/she/they collects and is thus data controller of the respondent data. Dentascribe is the processor and stores information on your behalf. As long as your account is active you (as the data controller) have full control over the data you collect, and the time period for which you store the data.

How do you use my personal data?

Dentascribe acts as a data controller in the relationship between Dentascribe and our customers (users), for the personal information you give us in order to use our service (registration information for example). Dentascribe does not sell personal data to third parties or for serving advertisements.

We only share your information with our service providers who help us operate our business, in which case those third parties are required to comply with the GDPR framework.

Sub-processors

NameDescription
Country
May process patient data
Link
VercelHosting๐Ÿ‡บ๐Ÿ‡ธYes (opt-in: live appointment recording)Learn more
SupabaseDatabase, Auth, Edge functions๐Ÿ‡บ๐Ÿ‡ธ
(Server: ๐Ÿ‡ฌ๐Ÿ‡ง)
Yes (opt-in: synced notes)Learn more
ResendEmail๐Ÿ‡บ๐Ÿ‡ธNoLearn more
SignNowElectronic signatures๐Ÿ‡บ๐Ÿ‡ธNoLearn more
MixpanelAnalytics๐Ÿ‡บ๐Ÿ‡ธ
(Data residency: ๐Ÿ‡ช๐Ÿ‡บ)
NoLearn more
StripePayments๐Ÿ‡บ๐Ÿ‡ธNoLearn more
OpenAIAI Generation๐Ÿ‡บ๐Ÿ‡ธYes (opt-in: live appointment recording)Learn more
GroqAI Generation๐Ÿ‡บ๐Ÿ‡ธYes (opt-in: live appointment recording)Learn more
Logo

๐Ÿ‡ฌ๐Ÿ‡ง Made in the UK

Copyright ยฉ Dentascribe 2025

Product

HomePricingLive Appointment RecordingBlog